by Michael S. Kaplan, published on 2007/05/11 03:01 -04:00, original URI: http://blogs.msdn.com/b/michkap/archive/2007/05/11/2540340.aspx
Charles is always good for a fun link or two, an the mail he sent a while back is no exception:
Don't know if the above subject line comes through okay; just wondering if characters whose glyphs are mirrored or inverted transformations of other characters would or should be counted into the confusables.txt list. There are some sites having fun with those; at first glance it would look like it's just flipping the display around but it's actually making use of codepoints to do it.
I have a hard time considering them confusables since people would be unlikely really confuse them. I mean, would you click on ɯoɔ˙ʇɟosoɹɔᴉɯ˙ʍʍʍ thinking it was www.microsoft.com? :-)
In any case, still a fun link from way back when, especially as people continue to think about the issue with confusables in URLs....
This post brought to you by ɯ (U+026f, a.k.a. LATIN SMALL LETTER TURNED M)
# Dean Harding on 11 May 2007 3:59 AM:
I used to do that to my name on msn, it was always a talking point when my name showed up upside-down... The trouble was finding a set of charcters in Tahoma that would work (because those were the only ones guaranteed to not show up as squares in every place it displayed names). Ahh, the good old days ;-)
# Michael S. Kaplan on 11 May 2007 9:20 AM:
The sad part was that the entire string was visible in the Community Server composition UI -- it just fails for many people in the actual UI.....
# Michael S. Kaplan on 11 May 2007 10:52 AM:
Hi Buzz --
Nothing bad happens to the site, unless the reader one is using cannot support Unicode well (these are all valid Unicode characters). The display shos lots of null glyphs for some people, but that is hardly damage that is irrepairable....
# Michael S. Kaplan on 11 May 2007 10:53 AM:
Plus, I like sex, drugs, and rock and roll!
# Raymond Chen - MSFT on 11 May 2007 11:13 AM:
There is confusable potential here, though. Sure, you won't click on ɯoɔ˙ʇɟosoɹɔᴉɯ, but you may click on www.microsoft.com or paypal.com.
# Michael S. Kaplan on 11 May 2007 11:21 AM:
www.microsoft.com and paypal.com are safe -- the worry is www.micrοsοft.cοm (Greek small omicrons) and pаypаl.com (Cyrillic small As) !
But that area is one I've talked about in the past (the actual confusables), and been giving feedback to the people doing the work here at Microsoft and writing the security reports for Unicode.
The upside down stuff does not worry me so much, though. :-)
# Raymond Chen - MSFT on 11 May 2007 11:21 AM:
No wait I'm a moron. There is no upside-down d. But you can still try to fake people out by using an upside-down w for an m. ʍicrosoft.com.
# Michael S. Kaplan on 11 May 2007 12:45 PM:
People would be more likely to fall for that shape for mcdonalds.com, I think. :-)
Chuck on 11 May 2007 12:58 PM:
One scenario that would come to mind is if a hyperlink using the inverted characters were embedded in a PDF file (for example), and the page is flipped to look like it's rightside-up as downloaded off the server.
# Michael S. Kaplan on 11 May 2007 9:59 PM:
On a proper note of irony, it looks good in FeedDemon and in IE7, though it does not look so good in IE6....
go to newer or older post, or back to index or month or day